Beautiful People data breach: Industry reaction

Another day, another large-scale data breach. The victim this time is exclusive dating site Beautiful People, with the personal details of over 1 million members being stolen and leaked online.

In light of this latest example of the cyber security dangers now facing businesses every day, various industry professionals have offered their thoughts and analysis.

“This hack on Beautiful People is the latest in a long line of data breaches we have seen over the last six months. The fact that hackers were able to access names, addresses and even the income of 1.1m users is testament to the fact that companies need to be doing more as threats evolve.

“In today’s threat landscape it’s essential for any organisation that holds data that maybe valuable to an attacker to have the ability to detect, validate and contain threats quickly. Attackers will make it past perimeter defences, and we should expect this, what we need to do is stop them before they achieve their goals. This isn’t all about technology – although having the right tools helps – people and process are key.”

“This breach coupled with the huge Ashley Madison breach last year suggests that dating sites are still a focus area for criminals. The fact that 1.1m customer details were stolen in December and remained undetected until now highlights this is a continuing issue. The amount of data and confidential information that is transacted every day, coupled with the growth in reliance on digital services, means that every organisation in any industry is at risk. Businesses need to consider the stark reality that a data breach will happen and ensure they have appropriate defences in place, but also are ready for when an incident will occur.

“With consumers battling to understand the effect on their personal information if a company is hacked, there is no room for error. According to research from Fujitsu, only 9 per cent of consumers believe British organisations are doing enough to protect their data. This means that organisations must not only ensure that they are using every possible method to protect customer data – from data encryption to robust firewalls – but they need to truly remain transparent with customers to instil confidence when it comes to data security.”

“The impact such exposure can have is not only detrimental to the security of an individual’s personal details, but can also have serious financial implications. Customers that are entrusting private information into the care of a website should be safe in the knowledge it is kept in a secure manner and all companies who handle private data have a duty to ensure it.

“Unfortunately, once a breach of this nature has been made, there is not much that can be done. In this case, customers can change usernames and passwords just to be on the safe side, but ultimately, the damage related to customers’ privacy being compromised is not something that can be easily fixed. Consumers should always read any terms of use and privacy policies very carefully before sharing confidential data with websites.

“Whilst security solutions significantly mitigate the risk of a successful attack, there are also other measures businesses can take in order to provide thorough protection. These measures include running fully updated software, performing regular security audits on the website code and penetration testing the infrastructure.
“It’s crucial that businesses ensure all passwords are protected with proprietary hashing and salting technology. The best way for organisations to combat these types of cyber-attacks is at the beginning; by having an effective cybersecurity strategy in place before the company becomes a target.”